Grpc Swift Security Vulnerabilities and Issues — Grpc Swift CVE List

Lucene search

LinuxfoundationGrpc Swift

4 matches found

CVE•added 2022/03/25 5:15 p.m.•87 views

CVE-2022-24777

grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachable assertion. This is due to incorrect logic when handling GOAWAY frames. The attack is low-effort: ...

7.5CVSS7.1AI score0.00317EPSS

CVE•added 2021/07/09 12:15 p.m.•46 views

CVE-2021-36153

Mismanaged state in GRPCWebToHTTP2ServerCodec.swift in gRPC Swift 1.1.0 and 1.1.1 allows remote attackers to deny service by sending malformed requests.

7.5CVSS7.5AI score0.01361EPSS

CVE•added 2021/07/09 12:15 p.m.•44 views

CVE-2021-36155

LengthPrefixedMessageReader in gRPC Swift 1.1.0 and earlier allocates buffers of arbitrary length, which allows remote attackers to cause uncontrolled resource consumption and deny service.

7.5CVSS7.5AI score0.00846EPSS

CVE•added 2021/07/09 12:15 p.m.•34 views

CVE-2021-36154

HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption.

7.5CVSS7.4AI score0.00846EPSS